<?php
require('connect_sql.php');
require('function.php');


session_start();
if(isset($_SESSION['userid']))
{
	if($_POST['userid']==$_SESSION['userid'])
	{

		$password=getdataf('password','usertable','userid',$_POST['userid']);
		$oldpw=md5($_POST['oldpw']);
		if($password==$oldpw)
		{
			if($_POST['newpw']==$_POST['qnewpw'])
			{
				$newpw=md5($_POST['newpw']);
				$cond="password = '".$newpw."'";
				$re=updatef('usertable',$cond,'userid',$_POST['userid']);
				if($re)
				{
					echo "修改成功";
				}
				else
				{
					echo "修改失败";
				}
			}
			else
			{
				echo "密码不一致";
			}
		}
		else
		{
			echo "密码不正确";
		}
		

	}
	else 
	{
		echo "你不允许进行修改";
	}	
}
else
{
	echo "请登陆";
}

?>